Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
大约 1 年 前同步成功

通知 9
Star 18
Fork 1
T
Third Party Openssl

体验新版 GitCode,发现更多精彩内容 >>

提交 8a18bc25 编写于 作者: A Alessandro Ghedini 提交者: Rich Salz
浏览文件
操作

Increment size limit for ClientHello messages 

The current limit of 2^14 bytes is too low (e.g. RFC 5246 specifies the
maximum size of just the extensions field to be 2^16-1), and may cause
bogus failures.

RT#4063
Reviewed-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/413)
上级 c32b9dca
隐藏空白更改
内联 并排
Showing with 18 addition and 1 deletion
ssl/statem/statem_srvr.c
浏览文件 @ 8a18bc25
......@@ -747,6 +747,23 @@ int ossl_statem_server_construct_message(SSL *s)
return 0;
}
/*
* Maximum size (excluding the Handshake header) of a ClientHello message,
* calculated as follows:
*
* 2 + # client_version
* 32 + # only valid length for random
* 1 + # length of session_id
* 32 + # maximum size for session_id
* 2 + # length of cipher suites
* 2^16-2 + # maximum length of cipher suites array
* 1 + # length of compression_methods
* 2^8-1 + # maximum length of compression methods
* 2 + # length of extensions
* 2^16-1 # maximum length of extensions
*/
#define CLIENT_HELLO_MAX_LENGTH 131396
#define CLIENT_KEY_EXCH_MAX_LENGTH 2048
#define NEXT_PROTO_MAX_LENGTH 514
......@@ -760,7 +777,7 @@ unsigned long ossl_statem_server_max_message_size(SSL *s)
switch(st->hand_state) {
case TLS_ST_SR_CLNT_HELLO:
return SSL3_RT_MAX_PLAIN_LENGTH;
return CLIENT_HELLO_MAX_LENGTH;
case TLS_ST_SR_CERT:
return s->max_cert_list;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册