mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 10:15:40 +00:00
Protect the peer_authenticated flag more
Add more protection to the flag preventing attacker possibly to glitch using faulty certificate.
This commit is contained in:
parent
616fbe177c
commit
af60cd7698
|
@ -314,6 +314,7 @@ cleanup:
|
|||
{
|
||||
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
return( MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE );
|
||||
|
|
|
@ -4449,7 +4449,6 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
|
||||
ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
|
||||
ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC;
|
||||
return( 0 );
|
||||
}
|
||||
|
@ -4478,7 +4477,6 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
|
||||
ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
|
||||
ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC;
|
||||
return( 0 );
|
||||
}
|
||||
|
@ -4507,7 +4505,6 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
if( peer_pk == NULL )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
|
||||
ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
|
||||
ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC;
|
||||
return( 0 );
|
||||
}
|
||||
|
|
|
@ -48,6 +48,8 @@
|
|||
#include "mbedtls/ssl_internal.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
#include "mbedtls/version.h"
|
||||
#include "mbedtls/platform.h"
|
||||
|
||||
|
||||
#include <string.h>
|
||||
|
||||
|
@ -7261,7 +7263,7 @@ static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl )
|
|||
* indicating whether a Certificate message is expected or not.
|
||||
*/
|
||||
#define SSL_CERTIFICATE_EXPECTED 0
|
||||
#define SSL_CERTIFICATE_SKIP 1
|
||||
#define SSL_CERTIFICATE_SKIP 0xff
|
||||
static int ssl_parse_certificate_coordinate( mbedtls_ssl_context *ssl,
|
||||
int authmode )
|
||||
{
|
||||
|
@ -7609,7 +7611,6 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
|
|||
if( crt_expected == SSL_CERTIFICATE_SKIP )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
|
||||
ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
|
@ -7935,6 +7936,10 @@ int mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl )
|
|||
: mbedtls_ssl_conf_get_authmode( ssl->conf );
|
||||
#else
|
||||
const int authmode = mbedtls_ssl_conf_get_authmode( ssl->conf );
|
||||
#endif
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
|
||||
volatile int crt_expected = SSL_CERTIFICATE_EXPECTED;
|
||||
crt_expected = ssl_parse_certificate_coordinate( ssl, authmode );
|
||||
#endif
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) );
|
||||
|
||||
|
@ -7976,9 +7981,21 @@ int mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl )
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_SRV_C && !MBEDTLS_SSL_NO_SESSION_CACHE */
|
||||
|
||||
if( authmode == MBEDTLS_SSL_VERIFY_NONE )
|
||||
if( authmode == MBEDTLS_SSL_VERIFY_NONE ||
|
||||
authmode == MBEDTLS_SSL_VERIFY_OPTIONAL ||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
|
||||
crt_expected == SSL_CERTIFICATE_SKIP )
|
||||
#else
|
||||
1 )
|
||||
#endif
|
||||
{
|
||||
if( authmode == MBEDTLS_SSL_VERIFY_NONE )
|
||||
if( authmode == MBEDTLS_SSL_VERIFY_NONE ||
|
||||
authmode == MBEDTLS_SSL_VERIFY_OPTIONAL ||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
|
||||
crt_expected == SSL_CERTIFICATE_SKIP )
|
||||
#else
|
||||
1 )
|
||||
#endif
|
||||
{
|
||||
ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue