Add Mbed TLS version to SSL sessions
The format of serialized SSL sessions depends on the version and the configuration of Mbed TLS; attempts to restore sessions established in different versions and/or configurations lead to undefined behaviour. This commit adds an 3-byte version header to the serialized session generated and cleanly fails ticket parsing in case a session from a non-matching version of Mbed TLS is presented.
This commit is contained in:
parent
aa75583ced
commit
a835da5cb1
1 changed files with 41 additions and 0 deletions
|
@ -47,6 +47,7 @@
|
||||||
#include "mbedtls/ssl.h"
|
#include "mbedtls/ssl.h"
|
||||||
#include "mbedtls/ssl_internal.h"
|
#include "mbedtls/ssl_internal.h"
|
||||||
#include "mbedtls/platform_util.h"
|
#include "mbedtls/platform_util.h"
|
||||||
|
#include "mbedtls/version.h"
|
||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
|
@ -9842,10 +9843,22 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co
|
||||||
return( ssl->session );
|
return( ssl->session );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Define ticket header determining Mbed TLS version
|
||||||
|
* and structure of the ticket.
|
||||||
|
*/
|
||||||
|
|
||||||
|
static unsigned char ssl_serialized_session_header[] = {
|
||||||
|
MBEDTLS_VERSION_MAJOR,
|
||||||
|
MBEDTLS_VERSION_MINOR,
|
||||||
|
MBEDTLS_VERSION_PATCH,
|
||||||
|
};
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Serialize a session in the following format:
|
* Serialize a session in the following format:
|
||||||
* (in the presentation language of TLS, RFC 8446 section 3)
|
* (in the presentation language of TLS, RFC 8446 section 3)
|
||||||
*
|
*
|
||||||
|
* opaque mbedtls_version[3]; // major, minor, patch
|
||||||
* uint64 start_time;
|
* uint64 start_time;
|
||||||
* uint8 ciphersuite[2]; // defined by the standard
|
* uint8 ciphersuite[2]; // defined by the standard
|
||||||
* uint8 compression; // 0 or 1
|
* uint8 compression; // 0 or 1
|
||||||
|
@ -9881,6 +9894,19 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session,
|
||||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Add version identifier
|
||||||
|
*/
|
||||||
|
|
||||||
|
used += sizeof( ssl_serialized_session_header );
|
||||||
|
|
||||||
|
if( used <= buf_len )
|
||||||
|
{
|
||||||
|
memcpy( p, ssl_serialized_session_header,
|
||||||
|
sizeof( ssl_serialized_session_header ) );
|
||||||
|
p += sizeof( ssl_serialized_session_header );
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Time
|
* Time
|
||||||
*/
|
*/
|
||||||
|
@ -10060,6 +10086,21 @@ static int ssl_session_load( mbedtls_ssl_session *session,
|
||||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Check version identifier
|
||||||
|
*/
|
||||||
|
|
||||||
|
if( (size_t)( end - p ) < sizeof( ssl_serialized_session_header ) )
|
||||||
|
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
|
||||||
|
|
||||||
|
if( memcmp( p, ssl_serialized_session_header,
|
||||||
|
sizeof( ssl_serialized_session_header ) ) != 0 )
|
||||||
|
{
|
||||||
|
/* A more specific error code might be used here. */
|
||||||
|
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||||
|
}
|
||||||
|
p += sizeof( ssl_serialized_session_header );
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Time
|
* Time
|
||||||
*/
|
*/
|
||||||
|
|
Loading…
Reference in a new issue