
(-)gnutls-2.0.4/lib/ext_server_name.c (-7 / +20 lines)
Lines 74-83 Link Here
74
	  len = _gnutls_read_uint16 (p);
74
	  len = _gnutls_read_uint16 (p);
75
	  p += 2;
75
	  p += 2;
76
76
77
	  DECR_LENGTH_RET (data_size, len, 0);
77
	  if (len > 0)
78
	  server_names++;
78
	    {
79
	      DECR_LENGTH_RET (data_size, len, 0);
80
	      server_names++;
81
	      p += len;
82
	    }
83
	  else
84
	    _gnutls_handshake_log
85
	      ("HSK[%x]: Received zero size server name (under attack?)\n",
86
	       session);
79
87
80
	  p += len;
88
	}
89
90
      /* we cannot accept more server names.
91
       */
92
      if (server_names > MAX_SERVER_NAME_EXTENSIONS)
93
	{
94
	  _gnutls_handshake_log
95
	    ("HSK[%x]: Too many server names received (under attack?)\n",
96
	     session);
97
	  server_names = MAX_SERVER_NAME_EXTENSIONS;
81
	}
98
	}
82
99
83
      session->security_parameters.extensions.server_names_size =
100
      session->security_parameters.extensions.server_names_size =
Lines 85-94 Link Here
85
      if (server_names == 0)
102
      if (server_names == 0)
86
	return 0;		/* no names found */
103
	return 0;		/* no names found */
87
104
88
      /* we cannot accept more server names.
89
       */
90
      if (server_names > MAX_SERVER_NAME_EXTENSIONS)
91
	server_names = MAX_SERVER_NAME_EXTENSIONS;
92
105
93
      p = data + 2;
106
      p = data + 2;
94
      for (i = 0; i < server_names; i++)
107
      for (i = 0; i < server_names; i++)
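Review bot: In the counting loop, a zero-length name is now logged and skipped without incrementing `server_names`, yet the entry still occupies bytes in `data`, so the later `for (i = 0; i < server_names; i++)` pass that restarts at `data + 2` walks the same entries with a count that excludes them. That second loop's body is outside the hunk, so confirm it tolerates zero-length entries; otherwise the final valid name may be dropped without any error. Rejecting the extension on a zero-length name would be easier to reason about than continuing, though which error code to return is a maintainer decision. The new `else` arm would also read better braced like the `if` arm, e.g. `else { _gnutls_handshake_log (...); }`.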
(-)gnutls-2.0.4/lib/gnutls_cipher.c (-3 / +11 lines)
Lines 447-452 Link Here
447
      return GNUTLS_E_INTERNAL_ERROR;
447
      return GNUTLS_E_INTERNAL_ERROR;
448
    }
448
    }
449
449
450
  if (ciphertext.size < (unsigned) blocksize + hash_size)
451
    {
452
      _gnutls_record_log
453
	("REC[%x]: Short record length %d < %d + %d (under attack?)\n",
454
	 session, ciphertext.size, blocksize, hash_size);
455
      gnutls_assert ();
456
      return GNUTLS_E_DECRYPTION_FAILED;
457
    }
450
458
451
  /* actual decryption (inplace)
459
  /* actual decryption (inplace)
452
   */
460
   */
Lines 498-506 Link Here
498
506
499
      pad = ciphertext.data[ciphertext.size - 1] + 1;	/* pad */
507
      pad = ciphertext.data[ciphertext.size - 1] + 1;	/* pad */
500
508
501
      length = ciphertext.size - hash_size - pad;
509
      if ((int)pad > (int)ciphertext.size - hash_size)
502
503
      if (pad > ciphertext.size - hash_size)
504
	{
510
	{
505
	  gnutls_assert ();
511
	  gnutls_assert ();
506
	  /* We do not fail here. We check below for the
512
	  /* We do not fail here. We check below for the
Lines 509-514 Link Here
509
	  pad_failed = GNUTLS_E_DECRYPTION_FAILED;
515
	  pad_failed = GNUTLS_E_DECRYPTION_FAILED;
510
	}
516
	}
511
517
518
      length = ciphertext.size - hash_size - pad;
519
512
      /* Check the pading bytes (TLS 1.x)
520
      /* Check the pading bytes (TLS 1.x)
513
       */
521
       */
514
      if (ver >= GNUTLS_TLS1 && pad_failed == 0)
522
      if (ver >= GNUTLS_TLS1 && pad_failed == 0)
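Review bot: `length = ciphertext.size - hash_size - pad;` is still evaluated after the padding check has set `pad_failed`, so on that path `length` is derived from a `pad` value that was just rejected and can be negative (or wrap, depending on its type, which is declared outside the hunk). The deferred failure is deliberate per the existing comment, so the fix is documentation at the assignment, for example `/* may be out of range when pad_failed is set; do not use as a size before the pad_failed check below */`. The `(int)` casts in `if ((int)pad > (int)ciphertext.size - hash_size)` deserve a one-line comment saying they force a signed comparison, and that the new short-record guard earlier in the file appears to be what keeps the right-hand side non-negative. The added log call prints `ciphertext.size` with `%d` although the guard compares it as unsigned; `%u` would match if the field is unsigned.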
(-)gnutls-2.0.4/lib/gnutls_handshake.c (+8 lines)
Lines 942-947 Link Here
942
942
943
      *recv_type = session->internals.handshake_header_buffer.recv_type;
943
      *recv_type = session->internals.handshake_header_buffer.recv_type;
944
944
945
      if (*recv_type != type)
946
	{
947
	  gnutls_assert ();
948
	  _gnutls_handshake_log
949
	    ("HSK[%x]: Handshake type mismatch (under attack?)\n", session);
950
	  return GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET;
951
	}
952
945
      return session->internals.handshake_header_buffer.packet_length;
953
      return session->internals.handshake_header_buffer.packet_length;
946
    }
954
    }
947
955
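Review bot: The new `*recv_type != type` check sits on the branch that returns a header taken from `handshake_header_buffer`, and nothing in the hunk says why a buffered header can disagree with the type the caller expects now. A short comment would help, for example `/* the buffered header was stored by an earlier call; re-validate it against the type expected now */`, to be confirmed against the code that fills the buffer, which is outside the hunk. The buffer is not reset before the early return, so it is also worth confirming that callers treat `GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET` as fatal rather than retrying against the same buffered header.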
(-)gnutls-2.0.4/lib/gnutls.pc.in (-1 / +2 lines)
Lines 18-23 Link Here
18
Name: GnuTLS
18
Name: GnuTLS
19
Description: Transport Security Layer implementation for the GNU system
19
Description: Transport Security Layer implementation for the GNU system
20
Version: @VERSION@
20
Version: @VERSION@
21
Requires: libtasn1
21
Libs: -L${libdir} -lgnutls
22
Libs: -L${libdir} -lgnutls
22
Libs.private: @LIBGNUTLS_LIBS@ 
23
Libs.private: @LIBGNUTLS_LIBS@
23
Cflags: -I${includedir}
24
Cflags: -I${includedir}
(-)gnutls-2.0.4/lib/gnutlsxx.cpp (-1 / +3 lines)
Lines 829-835 Link Here
829
credentials::credentials( credentials& c)
829
credentials::credentials( credentials& c)
830
{
830
{
831
    this->type = c.type;
831
    this->type = c.type;
832
    this->set_ptr( c.ptr());
832
    // FIXME: The following doesn't work, because set_ptr is virtual.
833
    // What was the intention?
834
    // this->set_ptr( c.ptr());
833
}
835
}
834
#endif
836
#endif
835
837
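Review bot: With the `set_ptr` call commented out, the copy constructor copies only `type`, so a copied `credentials` object does not receive the credential pointer of `c`; what that member holds afterwards is not visible in this hunk. A constructor that silently yields a partially initialised object is riskier than forbidding the copy: declaring the copy constructor private and leaving it undefined would turn accidental copies into build errors. If the copy has to stay, state the limitation next to the FIXME, e.g. `// NOTE: only type is copied; the credential pointer of c is not`. The `#endif` directly after the body suggests the constructor is conditionally compiled, so check which build configurations actually include it.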
(-)gnutls-2.0.4/lib/libgnutls.vers (-3 / +58 lines)
Lines 1-7 Link Here
1
# libgnutls.vers -- Versioning script to control what symbols to export.
1
# libgnutls.vers -- Versioning script to control what symbols to export.
2
# Copyright (C) 2005, 2006, 2007 Free Software Foundation
2
# Copyright (C) 2005 Free Software Foundation
3
#
3
#
4
# Author: Simon Josefsson
4
# Author: Simon Josefsson
5
# Patched by: Pavlov Konstantin
5
#
6
#
6
# This file is part of GNUTLS.
7
# This file is part of GNUTLS.
7
#
8
#
Lines 22-27 Link Here
22
23
23
GNUTLS_1_3
24
GNUTLS_1_3
24
{
25
{
25
  global: _gnutls*; gnutls*;
26
  global: _gnutls*; gnutls*; _E_*;
26
  local: *;
27
};
28
29
GNUTLS_1_6_1 {
30
    global:
31
        gnutls_transport_set_errno;
32
        gnutls_transport_set_global_errno;
33
};
34
35
GNUTLS_1_6_3 {
36
	global:
37
		gnutls_x509_crt_get_raw_dn;
38
		gnutls_x509_crt_get_raw_issuer_dn;
39
};
40
41
GNUTLS_2.0.0 {
42
    global:
43
        gnutls_authz_enable;
44
        gnutls_authz_send_saml_assertion;
45
        gnutls_authz_send_saml_assertion_url;
46
        gnutls_authz_send_x509_attr_cert;
47
        gnutls_authz_send_x509_attr_cert_url;
48
        gnutls_certificate_type_list;
49
        gnutls_cipher_list;
50
        gnutls_cipher_suite_info;
51
        gnutls_compression_list;
52
        gnutls_kx_list;
53
        gnutls_mac_list;
54
        gnutls_protocol_list;
55
        gnutls_sign_callback_get;
56
        gnutls_sign_callback_set;
57
        gnutls_supplemental_get_name;
58
        gnutls_x509_crl_get_signature;
59
        gnutls_x509_crl_print;
60
        gnutls_x509_crt_get_basic_constraints;
61
        gnutls_x509_crt_get_extension_data;
62
        gnutls_x509_crt_get_extension_info;
63
        gnutls_x509_crt_get_issuer;
64
        gnutls_x509_crt_get_proxy;
65
        gnutls_x509_crt_get_signature;
66
        gnutls_x509_crt_get_subject;
67
        gnutls_x509_crt_get_subject_alt_othername_oid;
68
        gnutls_x509_crt_print;
69
        gnutls_x509_crt_set_basic_constraints;
70
        gnutls_x509_crt_set_proxy;
71
        gnutls_x509_crt_set_proxy_dn;
72
        gnutls_x509_dn_get_rdn_ava;
73
        gnutls_x509_privkey_sign_hash;
74
};
75
76
GNUTLS_2.0.4 {
77
	global:
78
		gnutls_record_disable_padding;
79
		gnutls_session_enable_compatibility_mode;
80
	local:
81
		*;
27
};
82
};
